Resources
The layman's guide to AML/CTF Rules 2025: Part 7 - Correspondent banking
16 September, 2025
Disclaimer: The content on this website is general and is not legal advice. Before you make a decision or take a particular action based on the content on this website, you should check its accuracy, completeness, currency and relevance for your purposes. You may wish to seek independent professional advice.
Understanding Correspondent banking under Australia’s AML/CTF Rules 2025
Part 7 explains the due diligence you must do before and during a correspondent banking relationship that involves a vostro account, and what a senior officer must review and approve. It focuses on identifying, documenting and managing ML/TF/PF and other serious-crime risks.
Here’s the quick version:
- Before you start: Do a written risk assessment covering who owns/controls the respondent (and any parent), what the respondent does (products, channels, customers, expected transactions/services), where they operate, the quality of local AML/CTF regulation/supervision and their compliance history, whether their AML/CTF controls are appropriate, and any adverse public info. If payable-through accounts are involved, confirm the respondent will do initial and ongoing CDD on those customers and can give you their CDD info and verification data on request.
- Senior-officer sign-off: A senior officer must review the written assessment, be satisfied your AML/CTF program can manage the risks, and—if payable-through applies—be satisfied the respondent will perform CDD and can provide CDD info plus underlying verification data.
- Keep it current: While the relationship is live, keep assessing risk using the same factors, at risk-based intervals and at least every 2 years.
Useful links
Designated services
Division 1 - Due diligence assessment for entry into correspondent banking relationship
7-1: Requirements for due diligence assessment
Before you enter a correspondent banking relationship that involves a vostro account, complete a due diligence assessment of ML/TF/PF and other serious-crime risks. In that assessment, consider:
- Who they are: ownership, control and management of the respondent and any parent.
- What they do: nature, size and complexity of the respondent’s business, including: products/services, delivery channels, customer types and what transactions/services you expect under the relationship.
- Where they operate: countries the respondent (and any parent with group-wide controls) operates in and/or is a resident of.
- Regulatory quality & history: strength of AML/CTF regulation/supervision in those countries and the respondent’s compliance track record.
- Controls: whether the respondent’s AML/CTF policies, procedures, systems and controls are appropriate.
- Reputation/adverse information: public information on investigations, regulatory actions, or criminal/civil matters involving the respondent or relevant group entities.
- If the relationship includes payable-through accounts (the respondent’s customers can access your vostro):
- Confirm the respondent performs initial and ongoing CDD on those customers; and
- Confirm they can provide, on request, the customers’ CDD information and the independent verification datathey relied on.
7-2 Matters to which a senior officer must have regard before giving approval
Before you approving a correspondent banking relationship with another financial institution that will involve a vostro account, the senior officer must review the written due diligence assessment and be satisfied your AML/CTF program can manage the identified risks.
If payable-through accounts are involved, they must also be satisfied the respondent will do initial and ongoing CDD on those customers using the payable-through accounts and can provide you, on request, their CDD information and verification data.
Division 2—Requirements for ongoing due diligence assessments
7-3 Requirements for ongoing due diligence assessments
While the relationship is in place, you must keep assessing ML/TF, proliferation financing and other serious-crime risks, using the same set of considerations listed above in 7-1 ( 7‑1(3)(a) to (g) in the Rules).
7-4 Timing of ongoing due diligence assessments
Do these assessments at risk-based intervals (consider overall risk level and any material changes) and, in any case, at least every 2 years.
People also read:
- The layman's guide to AML/CTF Rules 2025: Part 2 - Reporting groups
- The layman's guide to AML/CTF Rules 2025: Part 3 - Enrolment
- The layman's guide to AML/CTF Rules 2025: Part 4 - Registration
- The layman's guide to AML/CTF Rules 2025: Part 5 - AML / CTF Programs
- The layman's guide to AML/CTF Rules 2025: Part 6 - Customer due diligence (CDD)
- The layman's guide to AML/CTF Rules 2025: Part 7 - Correspondent banking
- The layman's guide to AML/CTF Rules 2025: Part 9 - Reporting
- AML/CTF Rules 2025: A plain-English overview for busy professionals
About First AML
First AML comes from the perspective of both a technology provider, but also as compliance professionals. Prior to releasing, First AML’s all-in-one AML workflow platform, we processed over 2,000,000 AML cases ourselves. Understanding the acute problem that faces firms these days as they try to scale their own AML, is in our DNA.
That's why First AML now powers thousands of compliance experts around the globe to reduce the time and cost burden of complex and international entity KYC. Source stands out as a leading solution for organisations with complex or international onboarding needs. It provides streamlined collaboration and ensures uniformity in all AML practices.
Keen to find out more? Book a demo today!